Information Systems Security Manager (ISSM) -305308

We are seeking a senior Information Systems Security Manager (ISSM) to serve as the Subject Matter Expert (SME) for the Combined Air Operations Center – eXperimental (CAOC-X) enclave. The ISSM provides comprehensive cybersecurity support for all CAOC-X applications, tests, experiments, and exercises. This role is responsible for leading all cybersecurity operations, managing the full Risk Management Framework (RMF) lifecycle, and ensuring the security posture of both TS/SCI and NIPRNET environments complies with Federal, DoD, and Air Force directives. The ISSM serves as the focal point for all cybersecurity matters and will work closely with engineering, architecture, and mission teams to ensure the secure integration and protection of multi-classification environments.

Requirements

• Serve as the senior cybersecurity authority for CAOC-X information systems, ensuring compliance with directives such as AFI 17-101, DoDI 8510.01, and NIST SP 800-53.
• Develop, manage, and maintain complete Risk Management Framework (RMF) documentation and certification & accreditation (C&A) packages for all classified and unclassified systems.
• Lead all Authority to Operate (ATO) activities, including package development for ATO, Authority to Connect (ATC), and Interim Authority to Test (IATT).
• Serve as the focal point for cybersecurity, including Computer Security (COMPUSEC), Communications Security (COMSEC), and Telecommunications Electronics Materials Protected from Emanating Spurious Transmissions (TEMPEST)
• Oversee vulnerability management, STIG/SRG implementation, patching, and remediation using tools such as ACAS, NeuVector, & Endpoint Security Solutions (ESS).
• Lead the identification, evaluation, and mitigation of physical, technical, and administrative risks to the AOC and Air Force Global Information Grid.
• Maintain situational awareness of the cybersecurity posture, initiate corrective actions, and lead local cyber incident response activities.
• Conduct annual security reviews and testing of all cybersecurity controls.

Knowledge:

• Demonstrated experience creating, managing, and maintaining Risk Management Framework (RMF) documentation and artifacts.
• Proven experience with the cyber certification process for obtaining Authority to Operate (ATO), Authority to Connect (ATC), and Interim Authority to Test (IATT) on NIPRNET and SIPRNET.
• Hands-on experience implementing Security Technical Implementation Guides (STIGs) and managing Information Assurance Vulnerability Management (IAVM) programs.
• Experience with Commercial Solutions for Classified (CSfC) cross-domain solutions and their associated certification processes.
• Proficiency with vulnerability management and security tools, including ACAS, NeuVector, and Endpoint Security Solutions (ESS).
• Experience with SIEM tools.

Highly Desired:

• Experience with AOC systems, architecture, and networking.
• Experience with Zero Trust principles and implementation.
• Experience Windows & Linux Operating Systems, ACAS / ESS, HBSS

Abilities:

• Ability to lead ISSOs and provide cybersecurity guidance to all CAOC-X stakeholders.
• Ability to lead cybersecurity teams and coordinate with technical and mission stakeholders.
• Ability to coordinate directly with the Authorizing Official (AO) and Security Control Assessor (SCA) to support assessments, evidence collection, and risk determinations.
• Ability to author, review, and redline cybersecurity and engineering documentation.
• Ability to evaluate technical designs, system changes, and architectural impacts from a cybersecurity perspective.

Security Clearance:

• Must possess an active Secret clearance with the ability to be upgraded to Top Secret/SCI.

Required Certifications: 8140.03

• Education: A Master's degree or Doctorate in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering.
• DoD/Military Training: Completion of the Information System Security Manager (Advanced) Playlist.
• Certifications: Possession of certifications such as CISM, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GICSP, or GSLC.

Experience:

• A minimum of 10 years of experience in a relevant cybersecurity field.
• Deep understanding of RMF, STIGs, and DoD cybersecurity policy.
• Knowledge of multi-classification environments (NIPRNET, SIPRNET, TS/SCI).
• Strong technical writing skills for SSPs, POA&Ms, and other RMF artifacts.
• Excellent communication, briefing, and time-management skills.

Benefits

• Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental

• Matching 401K
• Short- and Long-Term Disability
• Pet Insurance
• Professional Development/Education Reimbursement
• Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas

Other Duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.